New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
core: prevent self-impersonation #6885
Conversation
✅ Deploy Preview for authentik-storybook ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Codecov ReportAll modified lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #6885 +/- ##
==========================================
- Coverage 92.71% 92.65% -0.05%
==========================================
Files 567 567
Lines 27939 27959 +20
==========================================
+ Hits 25900 25903 +3
- Misses 2039 2056 +17
Flags with carried forward coverage won't be shown. Click here to find out more.
☔ View full report in Codecov by Sentry. |
authentik PR Installation instructions Instructions for docker-composeAdd the following block to your AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-core-fix-self-impersonation-1694627979-a0d10ad
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s For arm64, use these values: AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-core-fix-self-impersonation-1694627979-a0d10ad-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s Afterwards, run the upgrade commands from the latest release notes. Instructions for KubernetesAdd the following block to your authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-core-fix-self-impersonation-1694627979-a0d10ad For arm64, use these values: authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-core-fix-self-impersonation-1694627979-a0d10ad-arm64 Afterwards, run the upgrade commands from the latest release notes. |
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
a0d10ad
to
423aa64
Compare
* main: (41 commits) root: fix missing /lifecycle in path website/blog: add info-block to blog about m2m (#7002) root: handle SIGHUP and SIGUSR2, healthcheck gunicorn (#6630) flows: stage_invalid() makes flow restart depending on invalid_response_action setting (#6780) core: bump psycopg from 3.1.11 to 3.1.12 (#6997) core: bump pydantic from 2.4.0 to 2.4.1 (#6998) web: bump the sentry group in /web with 2 updates (#6999) web: bump pyright from 1.1.328 to 1.1.329 in /web (#7000) website/blog: improved sentence (#6995) website/blog: fix missing link in m2m post (#6994) web/user: fix incorrect link to admin interface (#6993) root: disable APPEND_SLASH (#6928) root: replace boj/redistore with vendored version of rbcervilla/redisstore (#6988) sources/ldap: add default property mapping to mirror directory structure (#6990) website/blogs: Blog about m2m (#6974) root: make Celery worker concurrency configurable (#6837) root: make postgres connection in makefile customizable (#6977) core: prevent self-impersonation (#6885) web: bump @typescript-eslint/parser from 6.7.2 to 6.7.3 in /web (#6984) core: bump pydantic from 2.3.0 to 2.4.0 (#6979) ...
closes #6863
Checklist
ak test authentik/
)make lint-fix
)If an API change has been made
make gen-build
)If changes to the frontend have been made
make web
)make i18n-extract
)If applicable
make website
)